무료 온라인 액세스 CompTIA.CAS-003.v2022-12-20.q589 모의 시험 (Page 97)

CAS-003 문제 476

A security manager needed to protect a high-security data center, so the manager installed a mantrap that can detect an employee's heartbeat, weight, and badge. Which of the following did the security manager implement?

A. A managerial control
D18912E1457D5D1DDCBD40AB3BF70D5D

B. A physical control

C. A corrective control

D. A compensating control

CAS-003 문제 477

A company is purchasing an application that will be used to manage all IT assets as well as provide an incident and problem management solution for IT activity The company narrows the search to two products. Application A and Application B; which meet all of its requirements. Application A is the most cost-effective product, but it is also the riskiest so the company purchases Application B.
Which of the following types of strategies did the company use when determining risk appetite?

A. Mitigation

B. Acceptance

C. Avoidance

D. Transfer

CAS-003 문제 478

A security analyst is reviewing weekly email reports and finds an average of 1.000 emails received daily from the internal security alert email address. Which of the following should be implemented?

A. Separation of duties for systems administrators

B. Machine learning algorithms

C. Tuning the networking monitoring service

D. DoS attack prevention

CAS-003 문제 479

A security administrator wants to prevent sensitive data residing on corporate laptops and desktops from leaking outside of the corporate network. The company has already implemented full-disk encryption and has disabled all peripheral devices on its desktops and laptops. Which of the following additional controls MUST be implemented to minimize the risk of data leakage? (Select TWO).

A. A full-system backup should be implemented to a third-party provider with strong encryption for data in transit.

B. A DLP gateway should be installed at the company border.

C. Strong authentication should be implemented via external biometric devices.

D. Full-tunnel VPN should be required for all network communication.

E. Full-drive file hashing should be implemented with hashes stored on separate storage.

F. Split-tunnel VPN should be enforced when transferring sensitive data.

CAS-003 문제 480

The finance department for an online shopping website has discovered that a number of customers were able to purchase goods and services without any payments. Further analysis conducted by the security investigations team indicated that the website allowed customers to update a payment amount for shipping. A specially crafted value could be entered and cause a roll over, resulting in the shipping cost being subtracted from the balance and in some instances resulted in a negative balance. As a result, the system processed the negative balance as zero dollars. Which of the following BEST describes the application issue?

A. Race condition

B. Click-jacking

C. Integer overflow

D. Use after free

E. SQL injection

다른 버전: 5010CompTIA.CAS-003.v2022-07-04.q589; 2159CompTIA.CAS-003.v2022-05-09.q215

최근 업로드: 112Supermicro.SMI300XS.v2025-09-08.q15; 114Oracle.1z0-1104-25.v2025-09-08.q12; 104SAP.C-LIXEA-2404.v2025-09-08.q60; 106Cisco.300-730.v2025-09-08.q143; 106Huawei.H19-308_V4.0.v2025-09-08.q77; 116Nutanix.NCA-6.5.v2025-09-08.q56; 114CompTIA.CV0-003.v2025-09-08.q131; 119SAP.C-TS470-2412.v2025-09-08.q27; 107Oracle.1Z0-1122-25.v2025-09-08.q15; 110ATLASSIAN.ACP-620.v2025-09-08.q60